- All Exams Instant Download
If the firewall is configured for credential phishing prevention using the “Domain Credential Filter” method, which login will be detected as credential theft?
If the firewall is configured for credential phishing prevention using the “Domain Credential Filter” method, which login will be detected as credential theft?A . Mapping to the IP address of the logged-in user.B . First four letters of the username matching any valid corporate username.C . Using the same user’s...
Which feature can provide NGFWs with User-ID mapping information?
Which feature can provide NGFWs with User-ID mapping information?A . Web CaptchaB . Native 802.1q authenticationC . GlobalProtectD . Native 802.1x authenticationView AnswerAnswer: C
How can the firewall be configured automatically disable the PBF rule if the next hop goes down?
A user’s traffic traversing a Palo Alto Networks NGFW sometimes can reach http://www.company.com. At other times the session times out. The NGFW has been configured with a PBF rule that the user’s traffic matches when it goes to http://www.company.com. How can the firewall be configured automatically disable the PBF rule...
Based on the information shown in the image, which NAT rule will forward web-browsing traffic correctly?
An administrator wants multiple web servers in the DMZ to receive connections initiated from the internet. Traffic destined for 206.15.22.9 port 80/TCP needs to be forwarded to the server at 10.1.1.22. Based on the information shown in the image, which NAT rule will forward web-browsing traffic correctly? A) B) C)...
How does Panorama prompt VMWare NSX to quarantine an infected VM?
How does Panorama prompt VMWare NSX to quarantine an infected VM?A . HTTP Server ProfileB . Syslog Server ProfileC . Email Server ProfileD . SNMP Server ProfileView AnswerAnswer: A
Which priority is correct for the passive firewall?
An administrator has been asked to configure active/passive HA for a pair of Palo Alto Networks NGFWs. The administrator assigns priority 100 to the active firewall. Which priority is correct for the passive firewall?A . 0B . 99C . 1D . 255View AnswerAnswer: D Explanation: Reference: https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/framemaker/71/pan-os/pan-os/section_5.pdf (page 9)
Which option will protect the individual servers?
A client is concerned about resource exhaustion because of denial-of-service attacks against their DNS servers. Which option will protect the individual servers?A . Enable packet buffer protection on the Zone Protection Profile.B . Apply an Anti-Spyware Profile with DNS sinkholing.C . Use the DNS App-ID with application-default.D . Apply a...
Which two configuration options can be used to correctly categorize their custom database application?
A customer has an application that is being identified as unknown-top for one of their custom PostgreSQL database connections. Which two configuration options can be used to correctly categorize their custom database application? (Choose two.)A . Application Override policy.B . Security policy to identify the custom application.C . Custom application.D...
Which CLI command is used to simulate traffic going through the firewall and determine which Security policy rule, NAT translation, static route, or PBF rule will be triggered by the traffic?
Which CLI command is used to simulate traffic going through the firewall and determine which Security policy rule, NAT translation, static route, or PBF rule will be triggered by the traffic?A . checkB . findC . testD . simView AnswerAnswer: C Explanation: Reference: http://www.shanekillen.com/2014/02/palo-alto-useful-cli-commands.html
Which VPN configuration would adapt to changes when deployed to the future site?
A company needs to preconfigure firewalls to be sent to remote sites with the least amount of reconfiguration. Once deployed, each firewall must establish secure tunnels back to multiple regional data centers to include the future regional data centers. Which VPN configuration would adapt to changes when deployed to the...
